<?php
	session_start();
	error_reporting (E_ALL ^ E_NOTICE);
	$username = $_POST['username'];
	$password = $_POST['password'];
	$email = $_POST['email'];
	$firstname = $_POST['firstname'];
	$lastname = $_POST['lastname'];
	$gender = $_POST['gender'];
	$username = htmlspecialchars($username);
	$password = htmlspecialchars($password);
	$email = htmlspecialchars($email);
	$firstname = htmlspecialchars($firstname);
	$lastname = htmlspecialchars($lastname);
	$gender = htmlspecialchars($gender);
	$hostname_conn = "127.0.0.1"; 
	$database_conn = "onestoptravelsgdb";
	$username_conn = "admin"; 
	$password_conn = "1stoptravel";
	$db_handle = mysql_connect($hostname_conn, $username_conn, $password_conn);
	if (!db_handle) {
		echo "<h2>An error has occurred.</h2><br/><p>Signup error: Database connection error.</p>";
	} else {
		$db_found = mysql_select_db($database_conn, $db_handle);
		if ($db_found) {
			$SQL = "SELECT * FROM users WHERE username = '" . $username ."';";
			$result = mysql_query($SQL);
			if (mysql_num_rows($result) > 0) {
				echo "<h2>An error has occurred.</h2><br/><p>Signup error: Username already exists! Please choose another username.</p>";
			}
			else {
				$SQL = "INSERT INTO users VALUES ('" . $username . "', '" . $password . "', '" . $email . "', '" . $firstname . "', '" . $lastname . "', '" . $gender . "', '" . date('Y-m-d') . "', 'Singaporean'" . ");";
				mysql_query($SQL);
				echo "okay";
			}
		}
		else {
			echo "<h2>An error has occurred.</h2><br/><p>Signup error: Database not found.</p>";
		}
	}
	mysql_close($db_handle);
?>